<?php
namespace Admin\Controller;
use Think\Controller;
use Org\Util\Rbac;

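class PassportController extends Controller {
    /**
     * Login page.
     *
     * Renders the login template when the session holds no value under the
     * configured USER_AUTH_KEY; otherwise redirects to the admin index.
     * Only the presence of that session value is checked here.
     */
    public function login(){
        $auth_id = session(C('USER_AUTH_KEY'));
        if(!isset($auth_id)){
            $this->display();
        }else{
            // Fixed, same-site target: no request data is used in the redirect.
            header('Location:/admin/index');
        }
    }

    /**
     * Validate submitted credentials and establish the admin session.
     *
     * Reads `username` and `passwd` from the request, looks the operator up in
     * the Operators model and answers with JSON: code 0 plus a message on
     * failure, code 1 on success. On success the operator id, names, priv and
     * role are stored in the session and the RBAC access list is saved.
     *
     * NOTE(review): no attempt throttling or lockout is visible in this
     * controller; confirm it is enforced elsewhere.
     */
    public function checkLogin(){
        $username = I('username');
        $passwd = I('passwd');

        // Request parameters can arrive as arrays (name[]=...). ThinkPHP reads an
        // array value inside a where() map as an operator expression rather than
        // a literal, so anything that is not a plain string is rejected before it
        // can reach the query or md5().
        if(!is_string($username) || empty($username)){
            $this->ajaxReturn(array('code'=>0,'message'=>'用户名不能为空'));
            // ajaxReturn() normally ends the request; the explicit return keeps
            // the method from falling through if that ever changes.
            return;
        }
        if(!is_string($passwd) || empty($passwd)){
            $this->ajaxReturn(array('code'=>0,'message'=>'密码不能为空'));
            return;
        }

        // NOTE(review): login_pass is matched against an unsalted MD5 digest.
        // MD5 is not suitable for password storage; moving to password_hash() /
        // password_verify() needs a data migration of the stored values, so the
        // digest format is left unchanged in this block.
        $queryArr = array("login_name"=>$username,"login_pass"=>md5($passwd));
        $userInfo = D('Operators')->where($queryArr)->find();

        // Same message for unknown user and wrong password, so the response does
        // not reveal which login names exist.
        if(empty($userInfo['id'])){
            $this->ajaxReturn(array('code'=>0,'message'=>'用户名或者密码不存在！'));
            return;
        }
        if((int)$userInfo['status'] !== 1){
            $this->ajaxReturn(array('code'=>0,'message'=>'您的账户已暂停或者删除，请联系管理员！'));
            return;
        }

        // Issue a fresh session id at the privilege change so an id that was set
        // or observed before authentication cannot be reused afterwards.
        if(session_id() !== ''){
            session_regenerate_id(true);
        }

        session(C('USER_AUTH_KEY'),$userInfo['id']);
        session('login_name',$userInfo['login_name']);
        session('real_name',$userInfo['real_name']);
        session('priv',$userInfo['priv']);
        session('role_id',$userInfo['role']);

        // RBAC: flag the configured super administrator, then store the access list.
        // Compared as strings with ===, and never when the setting is missing or
        // empty, so loose-comparison rules cannot grant the admin flag.
        $superAdmin = C('RBAC_SUPERADMIN');
        if($superAdmin !== null && $superAdmin !== '' && (string)$userInfo['login_name'] === (string)$superAdmin){
            session(C('ADMIN_AUTH_KEY'),true);
        }
        Rbac::saveAccessList($userInfo['id']);

        $this->ajaxReturn(array('code'=>1,'message'=>'success'));
    }
}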